I'm developing an android app using Firemonkey. This app makes requests to a WebApi using Rest and returning json result. The API is already developed and each request needs to send user and password as querystring to return data. My question is: what is the best way to save sensitive data in firemonkey (android). Of course using encryption to store such data is the first thing that comes to mind, but is there any native and secure feature for this on firemonkey?
How to save sensitive data as a password in firemonkey?
951 Views Asked by Marcoscdoni At
2
There are 2 best solutions below
Related Questions in ANDROID
- Creating global Class holder
- Flutter + Dart: Editing name of a tab shows up a black screen
- android-pdf-viewer Received status code 401 from server: Unauthorized
- Sdk 34 WRITE_EXTERNAL_STORAGE not working
- ussd reader in Recket Native module
- Incorrect display of LinearGradientBrush in IOS
- The Binary Version Of its metadata is 1.8.0, expected Version is 1.6.0 build error
- I can't make TextInput to auto expand properly in Android
- Creating multiple instances of a class with different initializing values in Flutter
- How to create a lottie animation
- making android analyze with coverity sast tool
- Flutter plugin development android src not opening after opening example
- I initialize my ViewModel in the Activity with several fragments as tabs, but the fragments(tabs) return null for the updated livedata
- Node.js Server + Socket.IO + Android Mobile Applicatoin XHR Polling Error...?
- How I can use the shared preferences class?
Related Questions in DELPHI
- How can I read the header of request to webserver
- Receiving Notifications for Individual Task Completion OmniThreadLibrary Parallel.ForEach
- Delphi - How to get result of function from QuickReport without viewing a report?
- Out of memory while adding documents to a Firebird BLOB field with Delphi
- How to MakeScreenshot fullpage on Delphi
- How to program a COM object with an IEnumerator, IEnumerable interface inside
- How to Dynamically Add Controls to Delphi Form
- How to write a string in Stringrid with DelimitedText in FMX Delphi 11
- TGrid/TStringGrid multi cell selection / multi editing in delphi firemonkey (12)
- How to localize "Today" in the Delphi TMonthCalendar?
- How can I call a SOAP webserver method in Vue.js?
- Efficiently Handling Large Number of API Calls with Delphi 10.4 and OmniThreadLibrary
- Delphi can not compile the unit create by its "XML Data Binding Wizard"
- Save Form Properties in File and then restore those Properties after reopening
- Is it possible to open a blob without saving it to file
Related Questions in FIREMONKEY
- How to MakeScreenshot fullpage on Delphi
- How to write a string in Stringrid with DelimitedText in FMX Delphi 11
- TGrid/TStringGrid multi cell selection / multi editing in delphi firemonkey (12)
- Tlabeledit component for FMX framework
- Fastest way to draw a wave distortion effect in Delphi FMX?
- Delphi FMX Android Printing with Sunmi V2 Device
- How to debug on Android device via WI-FI
- Default Text Property for Custom Button in Delphi
- How to capture Enter key (vkReturn) in Delphi FMX on Android?
- Getting list of devices plugged in in a pc (windows platform)
- Delphi FMX: How to write a custom shader filter?
- NetCom7 Chat Demo
- .dylib not Found Trying to Open the Program After Being Generated by PAServer
- Delphi - TakePhotoFromCameraAction - photo resolution
- How do I determine the "z-index" of a Firemonkey component that I have used SendToBack or BringToFront methods on?
Related Questions in DELPHI-10.1-BERLIN
- Getting Error: Unable to install package. (e800004b) in dephi while trying to run in iPhone
- In an XML document with prolog, how can I get the children of the root node with their attributes?
- How to read a floating point value correctly from an XML file independently from regional settings?
- TStateMachine<TState, TTrigger>.TStateConfiguration.OnEntry is never fired
- How to vertically center the Edit Text in Vcl.ExtCtrls.TButtonedEdit?
- disable indy TIdTCPClient connect retries in firemonkey
- How to match start address of a thread to a module name?
- Delphi 10.1 Berlin Firemonkey TComboBox StyledSettings, Excluding the styles
- FMX on iOS: how to perform partial invalidation?
- How to check if Anonymous thread is running
- How to completely terminate Parallel task from main thread?
- How to set a higher task priority to a Parallel.Async background task?
- Main thread blocking parallel thread?
- Indy TCP Hole Punching, 10061 Connection refused
- How to filter out non-readable screen-fonts?
Related Questions in FIREMONKEY-FM3
- How to disable data mobile with firemonkey Rad 10.3?
- No 'teamID' specified and no team ID found in the archive
- Firemonkey (Rad Studio 10.3.2) current time issue on Android
- Delphi 10.2 Tokyo Android onActivityResult Sunmi Code Scanning
- In LiveBindings situation, how can I display the labels contained in a AdapterBindSource to a column of a grid?
- Implement clipboard operations via menu
- Changing FMX multi-platform style property at runtime
- How to save sensitive data as a password in firemonkey?
- How to store blob to database thru Datasnap REST server?
- Unicode mapping Error while opening INI files on MacOS
- Delphi consume a procedure from an Android Jni wrapper
- Firemonkey Gradient Colors on Android
- How to show a secondary form on taskbar using FMX C++?
- How to enter memo strings between two lines without delete the content of the next line?
- How to get the screen size with C++ builder (Firemonkey)
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Do not encrypt passwords, when the attacker gets the DB he will also get the encryption key.
Just using a hash function is not sufficient and just adding a salt does little to improve the security.
Instead iIterate over an HMAC with a random salt for about a 100ms duration and save the salt with the hash. Use functions such as
PBKDF2,password_hash,Bcryptand similar functions. The point is to make the attacker spend a lot of time finding passwords by brute force.Do not send the user's password in the query string, with an HTTP connection it is in the clear, with an HTTPS connection it will be encrypted but probably end up in the server log files